A seminal 2008 study introduced the "PassShapes" system, where users create a password by drawing a simple shape composed of up to eight different "strokes" (e.g., a circle, a line, an arc). The system then records the sequence and type of strokes used. Research shows that when users can practice their shape a few times, its memorability increases significantly, a benefit that only grows over time. This suggests that a shape you draw today will likely be easier to recall months from now than a random password, making it ideal for infrequently used but highly sensitive accounts.
Potential applications include:
Users with low vision or color blindness may struggle to identify shapes embedded in complex backgrounds. Systems require robust audio alternatives to remain accessible. Candid Shapes Password
The chart below summarizes the relative strengths of each approach: A seminal 2008 study introduced the "PassShapes" system,
Even the strongest shape‑based password can be stolen or observed in rare circumstances. Security experts universally recommend . Microsoft estimates that MFA can prevent 99.9% of account compromise attacks . Use MFA whenever possible: receive a one‑time code on your phone, use a biometric (fingerprint or face scan), or carry a hardware security key such as a FIDO2 passkey. This suggests that a shape you draw today
While the concept of a Candid Shapes Password is fascinating, widespread adoption faces some hurdles. Most websites and apps are built for text input. However, we are seeing a shift: